log4js GitHub Issue #1105 - a great answer from gmillerd:
"""
This is a JS implementation of a log4 like pattern in js, it is not a port of log4j nor log4j2. It doesn't use jini or ldap.
log4js doesn't have a native way to eval or execute code in the methods, you pass it values and it logs them (I think I am on solid ground for the appenders plugins as well, obviously someone could do that).
That said, anyone that can generate log messages can impact something.
""" This is a JS implementation of a log4 like pattern in js, it is not a port of log4j nor log4j2. It doesn't use jini or ldap.
log4js doesn't have a native way to eval or execute code in the methods, you pass it values and it logs them (I think I am on solid ground for the appenders plugins as well, obviously someone could do that).
That said, anyone that can generate log messages can impact something.